Feature

• Host phylum-ci Docker image on GitHub Container Registry (#97) (ebc882e)

Feature

• Add git pre-commit hook integration (#91) (99c5726)

Fix

• Incorrect vulnerability risk domain package key name (#94) (247b4a4)

Documentation

• Update CONTRIBUTING.md to show how to add dependencies without constraints (d25dd1f)
• Create exclusive directory for Integrations docs to sync properly (#80) (d8b608b)

Feature

• Check for and list valid versions and targets programmatically in phylum-init (#74) (7066565)

Documentation

• Add integration documentation to Phylum docs page (5b988b9)

Performance

• Allow native Docker image creation (#77) (9ee4123)

Fix

• Detect lockfile changes in GitHub PRs (#73) (c119a4a)
• Apply total threshold to all risk domains (#71) (0b19167)

Feature

• Add support for GitHub Actions CI environment (#68) (b59da0a)

Fix

• Docker image tags are inconsistent (#67) (00a2b53)

Feature

• Coordinate phylum-ci Docker image releases with new CLI releases (#63) (82b57e2)
• Expose version arguments with a short form -V (92e9149)

Fix

• Using gh cli requires specifying a token (#65) (1e070fd)
• Logical prefixed not fails GitHub workflow syntax (#64) (00a5cb1)
• Re-enable building docker images with pre-built distributions (c5d7aa0)

Documentation

• Add a Code of Conduct (#60) (c953f68)
• Add a security policy (21fce1b)
• Reformat code examples to add whitespace lines (a31fdce)

Performance

• Optimize Docker image (0e28066)

Feature

• Use a single character for "single dash" options (6a4b032)

Breaking

• The short options for the following arguments changed (6a4b032):
  • --force-analysis was changed from -fa to -f
  • --force-install was changed from -fi to -i
  • --vul-threshold was changed from -vt to -u
  • --mal-threshold was changed from -mt to -m
  • --eng-threshold was changed from -et to -e
  • --lic-threshold was changed from -lt to -c
  • --aut-threshold was changed from -at to -o

Feature

• Provide an option to force analysis (#55) (4d6fc3b)
• Default to project settings for risk domain thresholds (#52) (9f10442)
• Default to analyzing new dependencies only (#53) (e0894fc)

Fix

• Ensure the "CI Platform Name" portion of a label is correct (#55) (1867fb6)
• Enable Phylum UI links for groups (#54) (8775a63)

Breaking Changes

• Individual risk domain threshold values can be set with command line options, which now accept values between 0 and 100, inclusive
  • Previously, the accepted values were between 0 and 99, inclusive
• The option to analyze --new-deps-only was removed and replaced with one that has the opposite meaning: --all-deps
• The short option to --force-install was changed from -f to -fi

Fix

• Ensure notes are not duplicated in GitLab MRs (#43) (a8ffe7f)

Fix

• Sync package issue key name changes from CLI v3.4.0 release (#41) (2f5f8d5)

Feature

• Add support for GitLab CI environment (#38) (732daea)

Feature

• Expose the Python package as a Docker image (#37) (0976f1d)

Feature

• Add phylum-ci script entry point to analyze lockfile changes (#36) (f1cbac7)

Fix

• Use phylum-bot account instead of a personal account (#34) (40ba743)

Added

• Modern release workflow

Added

• phylum-init script entry point and initial functionality
• Test workflows for local and CI based testing
• Preview and Release workflows for Staging and Production environments
• Phylum analyze workflow for PRs

Added

• Basic Python project structure
  • Make use of poetry for environment, dependency, and package build/publish workflows
  • Not enough to provide any real functionality
  • Just enough to have a first release on TestPyPI and PyPI to claim the package name
• Basic test structure, making use of pytest
• This CHANGELOG.md file to adhere to a standard for documenting changes
• A README.md file to explain how to do local development with this structure